Monday, April 09, 2018

How modern democracies face destruction if they can't stop building digital Maginot Lines

The recent revelations in the media about the collection of personal information from up to 87 million Facebook users by Cambridge Analytica and its use to influence political outcomes (successful or not), should be sending chills down the spines of everyone involved in information security, privacy and governance.

That people's data can be appropriated and used to manipulate democratic processes is a clear threat to the basis of democracies around the world - and governments appear to be flailing on what to do about this.

Now certainly corporations, such as Facebook and Google, have both legislative and business reasons to protect personal data. It's their lifeblood for making profits and without a sufficient level of public trust to keep people using these services these companies would largely disappear overnight.

However governments also have a responsibility to safeguard their citizens, and their own institutions, from external manipulations of their democratic systems - whether this come from foreign states, corporations or even particularly influential groups in society.

While Facebook is responsible for allowing a researcher to create an app that could such down the personal data of many people, even without their consent, it may not have been illegal for Cambridge Analytica to do this (although their subsequent use of this data for electoral manipulation may have been), and while Facebook may be investigated for privacy breaches, the consequences to Facebook and Cambridge Analytica appear to be more social than official to-date.

For me the spotlight is more on governments than the corporations involved. Laws exists to provide a legal basis for managing anti-social behaviour and power imbalances (such as between large organisations and individuals) such that the basic unit of the state, the individual citizen, has their personal rights protected and has clarity about their obligations as a citizen.

In this case governments did not have the laws and frameworks in place to detect, limit or even rapidly prosecute massive breaches of personal privacy or attacks on their own institutional validity.

Governments that cannot protect themselves or their citizens from external influences - whether these be physical or digital - do not remain governments for long.

I see the Cambridge Analytics scandals as another in a long series of examples as to how modern democratic governments have failed to put appropriate mechanisms in place to protect citizens and themselves from modern threats.

Like the Maginot Line built by France in the 1930s, governments are investing in expensive, unwieldy and inflexible infrastructures for past threats. And, like the Maginot Line in 1940, these infrastructures have proven again and again that they fail in the face of modern agile opponents.

Thus far the reaction by governments has largely been to acknowledge failure, promise to do better and then return to investing in legacy infrastructure, attempting to modify it as cheaply and as little as possible to address modern threats.

From the cascading series of security breaches at scale, rising digital interference in western elections and undermining of democratic institutions - I think the evidence is clear that the strategy is failing.

So what are governments to do? How do they adapt their approaches to address a threat that can come at any time, through any channel and often targets civilian infrastructure rather than state-controlled infrastructure?

The first step is to recognise that their current approach is not working. The political and commercial opponents seeking to weaken, influence, manipulate and destroy western states do not limit themselves to playing by western rules.

The second step is to recognise that this isn't a problem that governments can solve alone. Protecting government infrastructure is pointless if power grids and financial sectors are manipulated or destroyed. If a hacker wants to shut down a government office it is often easiest to cut their power or payroll than attack the government's servers directly. In the longer-term the public can be turned against a government through social media engagement using fake news and slanted reports.

The third step is to redefine what constitutes the state and what it values. Government is a tool used to govern a population. It is a component, but not the only, or even the most essential, in defining a nation's character or values.

Then, we need to rebuild our thinking from first principles. What do we value, and what do we not value? What conduct is appropriate, and by whom? How do we protect freedoms for citizens while defining their responsibilities? How do we educate citizens to understand that they have an active ongoing role and responsibility to help maintain our freedoms - that their obligation doesn't stop at a ballot box every few years? How do we redefine the role of corporations and other organisations (including government agencies) as good organisational citizens in a society? What are their rights and obligations towards citizens, stakeholders and shareholders?

This doesn't mean turning western democracy into security states. In my view the growth of state security apparatuses is a poor solution, part of the Maginot Line of centralised control that is failing so badly to protect democracy from a swarm of diverse threats. Indeed, the idea of decentralising security in favour of emphasising personal responsibility through education is, in my view, the best course to protect our nations' values.

We need an inclusive approach, backed by sound principles and collective values, that preserves what is important to our societies and inoculates us from unwanted external influences.

Without this we will lose who we are in protecting what we want - turning us into authoritarian states, the mirror of our enemies.

Read full post...

Tuesday, August 01, 2017

Roundup from GovHack 2017

Starting in a single Canberra venue in 2009, GovHack is now the largest open data hacking competition for government worldwide, with over 3,000 participants, coaches, mentors and organisers across 36 venues around Australia and New Zealand.

Over a 46-hour period participants including coders, creatives, data crunchers and facilitators, redesign and reimagine citizen services and use open data to visualise fresh insights into government decision-making, taking part in a competition with over 80 prizes and a prize pool of over $250,000.

The event is organised and run by volunteers, but GovHack has support from the Australian and New Zealand Governments, all Australian state and territory governments and many local governments across ANZ, as well as a range of corporate sponsors. This was the first year that the Northern Territory became involved with the event.

Many senior public servants drop into the event over the weekend, and have a keen interest in using ideas from GovHack within their agencies.

This year Accenture was the Platinum Sponsor for GovHack, the first time a corporation has taken such a significant interest in the event - a trend I hope continues as these types of event gain steam as a creative way for companies and governments to innovate quickly.

Accenture sponsored two awards, the ‘Into the New’ award for Australia challenged participants to demonstrate innovation and new thinking in all forms. This could be new ways to experience and interact with public data or new approaches to citizen experiences that help citizen and governments journey into the new together. It attracted 138 entrants from around Australia, from a total of 373 projects submitted.

Accenture’s ‘Re:Invention’ award for New Zealand challenged participants to design a citizen experience that builds on something government already does to deliver a more effective and engaging way of interacting. It attracted 12 entrants from Wellington, Auckland and Hamilton, from a total of 66 New Zealand projects submitted.


GovHack by the numbers
While GovHack itself is over for 2017, state award events will be held in August, and an international Red Carpet event for National and International Award winners in October. You can view the closing video from GovHack 2017 here.

All the projects created this year are online in the GovHack Hackerspace, available for inspiration and learning – remaining online to provide hundreds of fresh perspectives on how government can deliver more value to citizens.

you can read more about GovHack 2017 in this LinkedIn post by a mentor, or on Twitter.

Read full post...

Friday, July 28, 2017

The GovHack 2017 Social Media Wall


Read full post...

Wednesday, July 26, 2017

Get revved for GovHack across Australia & New Zealand (28-30 July)

As the world’s largest hackathon, GovHack  is on at over 25 locations across Australia and New Zealand again this year from Friday 6pm this week until Sunday afternoon (28-30 July).
With over 3,000 participants and 437 completed projects in 2016, GovHack is an opportunity to develop prototypes of new services, visualisations and mashups with government open data and other datasets with the chance to be nationally recognised and win prizes at national, state and local levels.

Supported by all levels of Australian government, GovHack is not just for programmers. Some of the projects in previous years have included board games and jewelry (for instance 3D printed bracelets of climate data), alongside websites, mobile apps, wearable apps and APIs.

National awards are announced at a Red Carpet Event, which filled the PowerHouse Museum in Sydney in 2015 (the last one I attended).


While some people form teams before the event, you can also come along as a solo participant, or form a team on the day – providing an opportunity to rub shoulders with all kinds of talented people.

There’s still room to register for some venues if you want to participate.

I’m helping run the ACT local event this year, so will be onsite at Canberra Grammar all weekend. If you’re participating here, come and say hi!

For more information visit the GovHack website or read last year’s report.

Read full post...

Saturday, May 13, 2017

When automation goes wrong - are we giving humans what they need to fix the problem? QF72

This is a brilliant (long) read about what happened when an automated system went rogue - and a cautionary tale about the risks of #automation when #ai replaces and deskills humans operating heavy machinery, like planes - The untold story of QF72 - What happens when 'psycho' automation leaves pilots powerless.

As organisations and our tools progress through #digitaltransformation and humans are relegated to 'backup systems', but  not given the necessary information or control to address unpredicted computer failure, we may be baking in more risk to human lives and livelihoods during edge situations.

Kudos to Qantas's pilots and crew for saving the lives of all passengers on this flight, and note the flow-on consequences that saw those responsible for saving hundreds of lives so affected by the experience that not all of them may have been able to deal successfully with a repeat of this situation. 

If we burn out good people when computers go bad, we may run out of good people before we run out of faulty computers.


Read full post...

Bookmark and Share